Export limit exceeded: 363407 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Export limit exceeded: 363407 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Search
Search Results (363407 CVEs found)
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2007-0566 | 1 Asp News | 1 Asp News | 2026-04-23 | N/A |
| SQL injection vulnerability in news_detail.asp in ASP NEWS 3 and earlier allows remote attackers to execute arbitrary SQL commands via the id parameter. | ||||
| CVE-2007-0567 | 1 Interactive-scripts.com | 1 Php Membership Manager | 2026-04-23 | N/A |
| Cross-site scripting (XSS) vulnerability in admin.php in Interactive-Scripts.Com PHP Membership Manager 1.5 allows remote attackers to inject arbitrary web script or HTML via the _p parameter. | ||||
| CVE-2007-0568 | 1 Myphpcommander | 1 Myphpcommander | 2026-04-23 | N/A |
| PHP remote file inclusion vulnerability in system/lib/package.php in MyPHPCommander 2.0 allows remote attackers to execute arbitrary PHP code via a URL in the gl_root parameter. | ||||
| CVE-2007-0571 | 1 Phpmyreports | 1 Phpmyreports | 2026-04-23 | N/A |
| PHP remote file inclusion vulnerability in include/lib/lib_head.php in phpMyReports 3.0.11 and earlier allows remote attackers to execute arbitrary PHP code via a URL in the cfgPathModule parameter. | ||||
| CVE-2008-2866 | 1 Caupo.net | 1 Cauposhop Classic | 2026-04-23 | N/A |
| SQL injection vulnerability in csc_article_details.php in Caupo.net CaupoShop Classic 1.3 allows remote attackers to execute arbitrary SQL commands via the saArticle[ID] parameter. | ||||
| CVE-2008-2901 | 1 Haudenschilt | 1 Family Connections Cms | 2026-04-23 | N/A |
| Multiple SQL injection vulnerabilities in Haudenschilt Family Connections CMS (FCMS) 1.4 allow remote authenticated users to execute arbitrary SQL commands via the (1) address parameter to addressbook.php, the (2) getnews parameter to familynews.php, and the (3) poll_id parameter to home.php in a results action. | ||||
| CVE-2007-0573 | 1 Nsgalphp | 1 Nsgalphp | 2026-04-23 | N/A |
| PHP remote file inclusion vulnerability in includes/config.inc.php in nsGalPHP 0.41 and earlier allows remote attackers to execute arbitrary PHP code via a URL in the racineTBS parameter. | ||||
| CVE-2007-0575 | 1 Stefan Holmberg | 1 Admentor | 2026-04-23 | N/A |
| Multiple SQL injection vulnerabilities in the administrative login page (admin/login.asp) in ASPCode.net AdMentor allow remote attackers to execute arbitrary SQL commands via the (1) Userid and (2) Password fields. | ||||
| CVE-2009-0935 | 1 Linux | 1 Linux Kernel | 2026-04-23 | 5.5 Medium |
| The inotify_read function in the Linux kernel 2.6.27 to 2.6.27.13, 2.6.28 to 2.6.28.2, and 2.6.29-rc3 allows local users to cause a denial of service (OOPS) via a read with an invalid address to an inotify instance, which causes the device's event list mutex to be unlocked twice and prevents proper synchronization of a data structure for the inotify instance. | ||||
| CVE-2009-4400 | 2 Fr.simon Rundell, Typo3 | 2 Ste Parish Admin, Typo3 | 2026-04-23 | N/A |
| Cross-site scripting (XSS) vulnerability in the Parish Administration Database (ste_parish_admin) extension 0.1.3 and earlier for TYPO3 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors. | ||||
| CVE-2008-2867 | 1 E-topbiz | 1 Viral Dx 1 | 2026-04-23 | N/A |
| SQL injection vulnerability in adclick.php in E-topbiz Viral DX 1 2.07 allows remote attackers to execute arbitrary SQL commands via the bannerid parameter. | ||||
| CVE-2009-4401 | 2 Fr.simon Rundell, Typo3 | 2 Ste Parish Admin, Typo3 | 2026-04-23 | N/A |
| SQL injection vulnerability in the Parish Administration Database (ste_parish_admin) extension 0.1.3 and earlier for TYPO3 allows remote attackers to execute arbitrary SQL commands via unspecified vectors. | ||||
| CVE-2007-0581 | 1 Eclipsebb | 1 Eclipsebb | 2026-04-23 | N/A |
| PHP remote file inclusion vulnerability in functions.php in EclipseBB 0.5.0 Lite allows remote attackers to execute arbitrary PHP code via a URL in the phpbb_root_path parameter. | ||||
| CVE-2007-0583 | 1 Http Commander | 1 Http Commander | 2026-04-23 | N/A |
| Multiple cross-site scripting (XSS) vulnerabilities in HTTP Commander 6.0, and possibly earlier, allow remote attackers to inject arbitrary web script or HTML via the (1) LogoffMessage parameter to logofflast.aspx or the (2) txtUsername parameter to Default.aspx. NOTE: The provenance of this information is unknown; the details are obtained solely from third party information. | ||||
| CVE-2007-0584 | 1 G-neric | 1 Php Generic Library And Framework | 2026-04-23 | N/A |
| PHP remote file inclusion vulnerability in membres/membreManager.php in PhP Generic Library & Framework for comm (g-neric) allows remote attackers to execute arbitrary PHP code via a URL in the include_path parameter. | ||||
| CVE-2007-0585 | 1 Webfwlog | 1 Webfwlog | 2026-04-23 | N/A |
| include/debug.php in Webfwlog 0.92 and earlier, when register_globals is enabled, allows remote attackers to obtain source code of files via the conffile parameter. NOTE: some of these details are obtained from third party information. It is likely that this issue can be exploited to conduct directory traversal attacks. | ||||
| CVE-2007-0588 | 1 Apple | 2 Mac Os X, Quicktime | 2026-04-23 | N/A |
| The InternalUnpackBits function in Apple QuickDraw, as used by Quicktime 7.1.3 and other applications on Mac OS X 10.4.8 and earlier, allows remote attackers to cause a denial of service (application crash) and possibly execute arbitrary code via a crafted PICT file that triggers memory corruption in the _GetSrcBits32ARGB function. NOTE: this issue might overlap CVE-2007-0462. | ||||
| CVE-2008-2868 | 1 Duware | 1 Ducalendar | 2026-04-23 | N/A |
| SQL injection vulnerability in detail.asp in DUware DUcalendar 1.0 and possibly earlier allows remote attackers to execute arbitrary SQL commands via the iEve parameter. | ||||
| CVE-2007-0592 | 1 Indexcor | 1 Ezdatabase | 2026-04-23 | N/A |
| Cross-site scripting (XSS) vulnerability in EzDatabase 2.1.3 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors related to admin/login.php and the Admin Panel Database. | ||||
| CVE-2007-0593 | 1 Siteman | 1 Siteman | 2026-04-23 | N/A |
| Siteman 1.1.11 stores sensitive information under the web root with insufficient access control, which allows remote attackers to download a database containing password hashes via a direct request for data/members.txt. | ||||